←back to thread

List of Printers Which Do or Do Not Display Tracking Dots

(www.eff.org)
586 points prawn | 2 comments | 06 Jun 17 22:12 UTC | HN request time: 0s | source
Show context
schoen ◴[06 Jun 17 23:30 UTC] No.14502425[source]
I wrote this article/originally created this list, and I would like to emphasize that there is a second generation of this technology that probably uses dithering parameters or something of that sort, and that does not produce visible dots but still creates a tracking code. We don't know the details but we do know that some companies told governments that they were going to do this, and that some newer printers from companies that the government agencies said were onboard with forensic marking no longer print yellow dots.

That makes me think that it may have been a mistake to create this list in the first place, because the main practical use of the list would be to help people buy color laser printers that don't do forensic tracking, yet it's not clear that any such printers are actually commercially available.

replies(8): >>14502841 #>>14503474 #>>14504327 #>>14504357 #>>14504856 #>>14505064 #>>14505539 #>>14507194 #
kefka ◴[07 Jun 17 15:27 UTC] No.14507194[source]
Well, that being said, it sounds like there needs to be a more rigorous way of detecting these new codes.

One way I can think of, is to record data on the CMYK pins on the inkjet head itself. IIRC, they activate between 17v and 22v, and pulse per high.

The goal here is to make the printer think its printing, while recording all the data of the pulse operations. We would get a lengthy file out.

Ideally, the pulse coding should be consistent if printing the same image. "Printing" the same thing over multiple times could show time/date codes embedded.

I should also be able to compare underlying system internals too, with multiple clones of VMs with small config details different. They should be the same data. If they aren't, we know its encoding system stuffs.

But yeah, there is a way to attack this, and that's by going lower in the stack and treating the printers as a black box. It's not the best way, but a way I've thought of that could at least detect this new technique.

replies(2): >>14507342 #>>14508326 #
nobodyorother ◴[07 Jun 17 15:46 UTC] No.14507342[source]
Would filling all the color tanks with black ink before printing make initial detection easier?
replies(1): >>14507375 #
1. kefka ◴[07 Jun 17 15:50 UTC] No.14507375[source]
I doubt it. There's tons of tricks and things that can be done to steganographically hide data in images. And given the algo is hidden, and the data is hidden in plain sight, we have to go to a level that can't be hidden from us.

Printing in different inks also wouldn't show us a way to diff 2 printed images. Whereas, saving the pulses from the CMYK pins would do that.

When you have a datalog of lots of pulses that represent a picture, you can back-calculate it into an image. You can also diff it without relying on losing data from scanning (or paying attention to the wrong thing). And with enough samples, we can recalculate the algorithm. With the knowledge of what they're doing, we can then start scanning other images for this... But only once we know what they're doing.

replies(1): >>14510755 #
2. dajt ◴[07 Jun 17 23:39 UTC] No.14510755[source]
What about printing two images, each with only 1 black pixel in a different place?